Home / os / winme

mini-traverse.txt

Posted on 13 February 2007

Hello! Miniwebsvr 0.0.6 suffers from a directory traversal flaw. "Exploit" : http://yoursite/..%00 Attack vector seems limited as you're only able to list one level down. Cheers, Daniel Nyström, daniel.nystrom@xored.net Fredrik Wessberg, fredd3@hotmail.com

 

TOP